[Kolab-devel] Open ports?
Bernhard Reiter
bernhard.reiter at intevation.de
Mon Aug 15 21:52:44 CEST 2005
Am Montag, 15. August 2005 14:17 schrieb Markus Heller:
> I'm interested to hear your opinion about which open ports should better be
> hidden behind an iptables entry...
Hide those, they are for internal use:
> tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN
> 19415 385856 2658/amavisd (maste
> tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
> 0 386455 3262/master
> tcp 0 0 127.0.0.1:10026 0.0.0.0:* LISTEN
> 0 386458 3262/master
> tcp 0 0 127.0.0.1:9999 0.0.0.0:* LISTEN
> 0 386571 3393/perl
> tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN
> 0 385756 2553/spamassassin.p
This one can be used over a vpn or if all people use TLS over IMAP,
otherwise you can block it, as people can use the SSL IMAP port:
> tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
> 0 543950 16120/cyrmaster
The following is sieve, because it is unencrypted, you shall
block it outside of your trusted network:
> tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN
> 0 543959 16120/cyrmaster
Bernhard
More information about the devel
mailing list